Linux Analysis Report
x86.elf

Overview

General Information

Sample name:	x86.elf
Analysis ID:	1562722
MD5:	6c729f11f6803f98780dd8fb703fd3f4
SHA1:	c34ea885a9e186d052f47af72d4a7951afc868ab
SHA256:	d6c811a85da0937edf987d3cd032b13903ba7ea0c1796f654f7c5a2c9593d55d
Tags:	elfuser-abuse_ch
Infos:

Detection

Gafgyt, Mirai

Score:	100
Range:	0 - 100
Whitelisted:	false

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for dropped file

Malicious sample detected (through community Yara rule)

Yara detected Gafgyt

Yara detected Mirai

Contains symbols with names commonly found in malware

Machine Learning detection for dropped file

Machine Learning detection for sample

Sample deletes itself

Sample tries to persist itself using cron

Sample tries to set files in /etc globally writable

Writes identical ELF files to multiple locations

Creates hidden files and/or directories

Sample contains strings that are user agent strings indicative of HTTP manipulation

Sample tries to set the executable flag

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Writes ELF files to disk

Yara signature match

Classification

Malware Threat Intel
Provided by

Name	Description	Attribution	Blogpost URLs	Link
Bashlite, Gafgyt	Bashlite is a malware family which infects Linux systems in order to launch distributed denial-of-service attacks (DDoS). Originally it was also known under the name Bashdoor, but this term now refers to the exploit method used by the malware. It has been used to launch attacks of up to 400 Gbps.	No Attribution	http://blog.trendmicro.com/trendlabs-security-intelligence/bashlite-affects-devices-running-on-busybox/ https://blog.cyber5w.com/gafgyt-backdoor-analysis https://blog.netlab.360.com/gafgtyt_tor-and-necro-are-on-the-move-again/ https://blog.netlab.360.com/public-cloud-threat-intelligence-202203/ https://blog.netlab.360.com/some_details_of_the_ddos_attacks_targeting_ukraine_and_russia_in_recent_days/	https://malpedia.caad.fkie.fraunhofer.de/details/elf.bashlite

Name	Description	Attribution	Blogpost URLs	Link
Mirai	Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.	No Attribution	http://osint.bambenekconsulting.com/feeds/ http://www.simonroses.com/2016/10/mirai-ddos-botnet-source-code-binary-analysis/ https://blog.malwaremustdie.org/2020/02/mmd-0065-2021-linuxmirai-fbot-re.html https://blog.netlab.360.com/another-lilin-dvr-0-day-being-used-to-spread-mirai-en/ https://blog.netlab.360.com/mirai_ptea-botnet-is-exploiting-undisclosed-kguard-dvr-vulnerability-en/	https://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: x86.elf

Avira: detected

Antivirus detection for dropped file

Source: /tmp/filePDxcMy	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileTma2ET	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileeNG5DQ	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filePBDfvq	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file2jhEeE	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file9A4GLp	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file4pVPyP	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileHJhEpH	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileLy1jU3	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file1QIyXl	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileXxh8wk	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filejDXaDH	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileCF2Hnc	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filedkRXxs	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileQ5shb2	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileWdgeA2	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filehWYmhj	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file60cv7E	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file470u1N	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileUgTOdi	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file8oGpqk	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file4DiwZW	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileBFgRHP	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filedS2MQv	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileRu8dY5	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file6kWgpU	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file7bgEB3	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file6zcNMS	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file2HKM1f	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filefqXeP3	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileKUwFri	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.

Machine Learning detection for dropped file

Source: /tmp/filePDxcMy	Joe Sandbox ML: detected
Source: /tmp/fileTma2ET	Joe Sandbox ML: detected
Source: /tmp/fileeNG5DQ	Joe Sandbox ML: detected
Source: /tmp/filePBDfvq	Joe Sandbox ML: detected
Source: /tmp/file2jhEeE	Joe Sandbox ML: detected
Source: /tmp/file9A4GLp	Joe Sandbox ML: detected
Source: /tmp/file4pVPyP	Joe Sandbox ML: detected
Source: /tmp/fileHJhEpH	Joe Sandbox ML: detected
Source: /tmp/fileLy1jU3	Joe Sandbox ML: detected
Source: /tmp/file1QIyXl	Joe Sandbox ML: detected
Source: /tmp/fileXxh8wk	Joe Sandbox ML: detected
Source: /tmp/filejDXaDH	Joe Sandbox ML: detected
Source: /tmp/fileCF2Hnc	Joe Sandbox ML: detected
Source: /tmp/filedkRXxs	Joe Sandbox ML: detected
Source: /tmp/fileQ5shb2	Joe Sandbox ML: detected
Source: /tmp/fileWdgeA2	Joe Sandbox ML: detected
Source: /tmp/filehWYmhj	Joe Sandbox ML: detected
Source: /tmp/file60cv7E	Joe Sandbox ML: detected
Source: /tmp/file470u1N	Joe Sandbox ML: detected
Source: /tmp/fileUgTOdi	Joe Sandbox ML: detected
Source: /tmp/file8oGpqk	Joe Sandbox ML: detected
Source: /tmp/file4DiwZW	Joe Sandbox ML: detected
Source: /tmp/fileBFgRHP	Joe Sandbox ML: detected
Source: /tmp/filedS2MQv	Joe Sandbox ML: detected
Source: /tmp/fileRu8dY5	Joe Sandbox ML: detected
Source: /tmp/file6kWgpU	Joe Sandbox ML: detected
Source: /tmp/file7bgEB3	Joe Sandbox ML: detected
Source: /tmp/file6zcNMS	Joe Sandbox ML: detected
Source: /tmp/file2HKM1f	Joe Sandbox ML: detected
Source: /tmp/filefqXeP3	Joe Sandbox ML: detected
Source: /tmp/fileKUwFri	Joe Sandbox ML: detected

Machine Learning detection for sample

Source: x86.elf

Joe Sandbox ML: detected

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80

Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknown	TCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknown	TCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42

Source: x86.elf, 6230.1.0000556cd67fb000.0000556cd681c000.rw-.sdmp	String found in binary or memory: http://cf0.pw/0/etc/cron.hourly/0
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://gnu.org/licenses/gpl.html
Source: filevVeDI2, 6415.1.00007f576945a000.00007f57698ba000.rw-.sdmp	String found in binary or memory: https://translationproject.org/team/
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://wiki.xiph.org/MIME_Types_and_File_Extensions
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://wiki.xiph.org/MIME_Types_and_File_Extensions.oga
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://wiki.xiph.org/MIME_Types_and_File_Extensions.ogv
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://www.gnu.org/gethelp/
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://www.gnu.org/software/coreutils/
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://www.gnu.org/software/coreutils/Report

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

System Summary

Malicious sample detected (through community Yara rule)

Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6419.1.0000556fbebbc000.0000556fbebbe000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6277.1.000055da7060e000.000055da70610000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6368.1.0000558428308000.000055842830a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6317.1.0000561e91288000.0000561e9128a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6415.1.0000560143463000.0000560143465000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6288.1.0000558e7f7da000.0000558e7f7dc000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6262.1.000055c0fe099000.000055c0fe09b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6306.1.00005617e37af000.00005617e37b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6337.1.000055ca8b809000.000055ca8b80b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6230.1.0000556cd59ac000.0000556cd59ae000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6396.1.0000557273e6b000.0000557273e6d000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6404.1.000055639aa42000.000055639aa44000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6386.1.000056235a178000.000056235a17a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6392.1.000055f3be940000.000055f3be942000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6270.1.000055d9c8060000.000055d9c8062000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6327.1.0000563f15904000.0000563f15906000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6297.1.000055570746e000.0000555707470000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6371.1.0000556bbe82d000.0000556bbe82f000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6349.1.00005630d6322000.00005630d6324000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6365.1.0000562595039000.000056259503b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6389.1.000055dc0596a000.000055dc0596c000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6285.1.0000561a550af000.0000561a550b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6383.1.00005573f729f000.00005573f72a1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6324.1.00005559cf511000.00005559cf513000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6399.1.0000563a7b132000.0000563a7b134000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6310.1.000055a2c85d1000.000055a2c85d3000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6237.1.000055db7e886000.000055db7e888000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6303.1.000055cd95c9e000.000055cd95ca0000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6300.1.00005607b8fff000.00005607b9001000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6412.1.000055b34e687000.000055b34e689000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6233.1.00005603c68cb000.00005603c68cd000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6240.1.00005559e0ac3000.00005559e0ac5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6273.1.000055e90fdc0000.000055e90fdc2000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6282.1.000055c16c96c000.000055c16c96e000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6265.1.0000561fe41d6000.0000561fe41d8000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6291.1.00005610c7e55000.00005610c7e57000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6358.1.000055c9482e4000.000055c9482e6000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6352.1.000055a146b96000.000055a146b98000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6407.1.000055aed0413000.000055aed0415000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6330.1.000055ecb61e3000.000055ecb61e5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6377.1.00005600cf679000.00005600cf67b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6340.1.0000560704d06000.0000560704d08000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6346.1.000055c7733f9000.000055c7733fb000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6333.1.000055b8da3d7000.000055b8da3d9000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6314.1.000055e72b056000.000055e72b058000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown

Contains symbols with names commonly found in malware

Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack

Yara signature match

Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6419.1.0000556fbebbc000.0000556fbebbe000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6277.1.000055da7060e000.000055da70610000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6368.1.0000558428308000.000055842830a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6317.1.0000561e91288000.0000561e9128a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6415.1.0000560143463000.0000560143465000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6288.1.0000558e7f7da000.0000558e7f7dc000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6262.1.000055c0fe099000.000055c0fe09b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6306.1.00005617e37af000.00005617e37b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6337.1.000055ca8b809000.000055ca8b80b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6230.1.0000556cd59ac000.0000556cd59ae000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6396.1.0000557273e6b000.0000557273e6d000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6404.1.000055639aa42000.000055639aa44000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6386.1.000056235a178000.000056235a17a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6392.1.000055f3be940000.000055f3be942000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6270.1.000055d9c8060000.000055d9c8062000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6327.1.0000563f15904000.0000563f15906000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6297.1.000055570746e000.0000555707470000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6371.1.0000556bbe82d000.0000556bbe82f000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6349.1.00005630d6322000.00005630d6324000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6365.1.0000562595039000.000056259503b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6389.1.000055dc0596a000.000055dc0596c000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6285.1.0000561a550af000.0000561a550b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6383.1.00005573f729f000.00005573f72a1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6324.1.00005559cf511000.00005559cf513000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6399.1.0000563a7b132000.0000563a7b134000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6310.1.000055a2c85d1000.000055a2c85d3000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6237.1.000055db7e886000.000055db7e888000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6303.1.000055cd95c9e000.000055cd95ca0000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6300.1.00005607b8fff000.00005607b9001000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6412.1.000055b34e687000.000055b34e689000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6233.1.00005603c68cb000.00005603c68cd000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6240.1.00005559e0ac3000.00005559e0ac5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6273.1.000055e90fdc0000.000055e90fdc2000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6282.1.000055c16c96c000.000055c16c96e000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6265.1.0000561fe41d6000.0000561fe41d8000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6291.1.00005610c7e55000.00005610c7e57000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6358.1.000055c9482e4000.000055c9482e6000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6352.1.000055a146b96000.000055a146b98000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6407.1.000055aed0413000.000055aed0415000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6330.1.000055ecb61e3000.000055ecb61e5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6377.1.00005600cf679000.00005600cf67b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6340.1.0000560704d06000.0000560704d08000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6346.1.000055c7733f9000.000055c7733fb000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6333.1.000055b8da3d7000.000055b8da3d9000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6314.1.000055e72b056000.000055e72b058000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16

Source: classification engine

Classification label: mal100.troj.evad.linELF@0/44@0/0

Persistence and Installation Behavior

Sample tries to persist itself using cron

Source: /tmp/x86.elf (PID: 6230)

File: /etc/cron.hourly/0

Jump to behavior

Sample tries to set files in /etc globally writable

Source: /tmp/x86.elf (PID: 6230)

File: /etc/cron.hourly/0 (bits: uv usr: rwx grp: rwx all: rwx)

Jump to behavior

Writes identical ELF files to multiple locations

Source: /tmp/fileLy1jU3 (PID: 6310)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file8oGpqk	Jump to dropped file
Source: /tmp/filew3wvPR (PID: 6333)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filefqXeP3	Jump to dropped file
Source: /tmp/file6kWgpU (PID: 6297)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileXxh8wk	Jump to dropped file
Source: /tmp/filekeuGUz (PID: 6346)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file7bgEB3	Jump to dropped file
Source: /tmp/files64ECN (PID: 6399)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileQ5shb2	Jump to dropped file
Source: /tmp/fileySilhv (PID: 6358)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file4DiwZW	Jump to dropped file
Source: /tmp/fileBFgRHP (PID: 6306)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileLy1jU3	Jump to dropped file
Source: /tmp/file4pVPyP (PID: 6386)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileRu8dY5	Jump to dropped file
Source: /tmp/file6zcNMS (PID: 6324)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filePBDfvq	Jump to dropped file
Source: /tmp/filetHDYbl (PID: 6273)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filedS2MQv	Jump to dropped file
Source: /tmp/file60cv7E (PID: 6291)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file6kWgpU	Jump to dropped file
Source: /tmp/fileXxh8wk (PID: 6300)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/files00aOy	Jump to dropped file
Source: /tmp/file7bgEB3 (PID: 6349)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filehWYmhj	Jump to dropped file
Source: /tmp/filedkRXxs (PID: 6407)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileHJhEpH	Jump to dropped file
Source: /tmp/file9A4GLp (PID: 6288)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file60cv7E	Jump to dropped file
Source: /tmp/filePBDfvq (PID: 6327)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filetdSCHD	Jump to dropped file
Source: /tmp/file4DiwZW (PID: 6365)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filevo1ogs	Jump to dropped file
Source: /tmp/files00aOy (PID: 6303)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileBFgRHP	Jump to dropped file
Source: /tmp/fileCF2Hnc (PID: 6285)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file9A4GLp	Jump to dropped file
Source: /tmp/fileqhp3Kw (PID: 6237)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file470u1N	Jump to dropped file
Source: /tmp/file2jhEeE (PID: 6317)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file6zcNMS	Jump to dropped file
Source: /tmp/filefqXeP3 (PID: 6337)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file1QIyXl	Jump to dropped file
Source: /tmp/filehWYmhj (PID: 6352)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileySilhv	Jump to dropped file
Source: /tmp/fileRu8dY5 (PID: 6389)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileKUwFri	Jump to dropped file
Source: /tmp/filekXlXRW (PID: 6377)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filerPV3jn	Jump to dropped file
Source: /tmp/filetdSCHD (PID: 6330)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filew3wvPR	Jump to dropped file
Source: /tmp/fileeNG5DQ (PID: 6282)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileCF2Hnc	Jump to dropped file
Source: /tmp/fileKUwFri (PID: 6392)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filePDxcMy	Jump to dropped file
Source: /tmp/file470u1N (PID: 6240)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileWdgeA2	Jump to dropped file
Source: /tmp/filevVeDI2 (PID: 6415)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file2HKM1f	Jump to dropped file
Source: /tmp/filevo1ogs (PID: 6368)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filetyqwKI	Jump to dropped file
Source: /tmp/fileTma2ET (PID: 6270)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filetHDYbl	Jump to dropped file
Source: /tmp/filerPV3jn (PID: 6383)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file4pVPyP	Jump to dropped file
Source: /tmp/filejDXaDH (PID: 6265)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileTma2ET	Jump to dropped file
Source: /tmp/file8oGpqk (PID: 6314)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file2jhEeE	Jump to dropped file
Source: /tmp/filetyqwKI (PID: 6371)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filekXlXRW	Jump to dropped file
Source: /tmp/filedS2MQv (PID: 6277)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileeNG5DQ	Jump to dropped file
Source: /tmp/fileWdgeA2 (PID: 6262)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filejDXaDH	Jump to dropped file
Source: /tmp/fileQ5shb2 (PID: 6404)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filedkRXxs	Jump to dropped file
Source: /tmp/fileUgTOdi (PID: 6233)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileqhp3Kw	Jump to dropped file
Source: /tmp/filePDxcMy (PID: 6396)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/files64ECN	Jump to dropped file
Source: /tmp/fileHJhEpH (PID: 6412)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filevVeDI2	Jump to dropped file
Source: /tmp/file1QIyXl (PID: 6340)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filekeuGUz	Jump to dropped file

Creates hidden files and/or directories

Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/..	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/..	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/..	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior

Sample tries to set the executable flag

Source: /tmp/x86.elf (PID: 6230)	File: /etc/cron.hourly/0 (bits: uv usr: rwx grp: rwx all: rwx)			Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	File: <invalid fd (-1)> (bits: uv usr: rwx grp: rwx all: rwx)			Jump to behavior

Writes ELF files to disk

Source: /tmp/x86.elf (PID: 6230)	File written: /tmp/fileUgTOdi	Jump to dropped file
Source: /tmp/fileUgTOdi (PID: 6233)	File written: /tmp/fileqhp3Kw	Jump to dropped file
Source: /tmp/fileqhp3Kw (PID: 6237)	File written: /tmp/file470u1N	Jump to dropped file
Source: /tmp/file470u1N (PID: 6240)	File written: /tmp/fileWdgeA2	Jump to dropped file
Source: /tmp/fileWdgeA2 (PID: 6262)	File written: /tmp/filejDXaDH	Jump to dropped file
Source: /tmp/filejDXaDH (PID: 6265)	File written: /tmp/fileTma2ET	Jump to dropped file
Source: /tmp/fileTma2ET (PID: 6270)	File written: /tmp/filetHDYbl	Jump to dropped file
Source: /tmp/filetHDYbl (PID: 6273)	File written: /tmp/filedS2MQv	Jump to dropped file
Source: /tmp/filedS2MQv (PID: 6277)	File written: /tmp/fileeNG5DQ	Jump to dropped file
Source: /tmp/fileeNG5DQ (PID: 6282)	File written: /tmp/fileCF2Hnc	Jump to dropped file
Source: /tmp/fileCF2Hnc (PID: 6285)	File written: /tmp/file9A4GLp	Jump to dropped file
Source: /tmp/file9A4GLp (PID: 6288)	File written: /tmp/file60cv7E	Jump to dropped file
Source: /tmp/file60cv7E (PID: 6291)	File written: /tmp/file6kWgpU	Jump to dropped file
Source: /tmp/file6kWgpU (PID: 6297)	File written: /tmp/fileXxh8wk	Jump to dropped file
Source: /tmp/fileXxh8wk (PID: 6300)	File written: /tmp/files00aOy	Jump to dropped file
Source: /tmp/files00aOy (PID: 6303)	File written: /tmp/fileBFgRHP	Jump to dropped file
Source: /tmp/fileBFgRHP (PID: 6306)	File written: /tmp/fileLy1jU3	Jump to dropped file
Source: /tmp/fileLy1jU3 (PID: 6310)	File written: /tmp/file8oGpqk	Jump to dropped file
Source: /tmp/file8oGpqk (PID: 6314)	File written: /tmp/file2jhEeE	Jump to dropped file
Source: /tmp/file2jhEeE (PID: 6317)	File written: /tmp/file6zcNMS	Jump to dropped file
Source: /tmp/file6zcNMS (PID: 6324)	File written: /tmp/filePBDfvq	Jump to dropped file
Source: /tmp/filePBDfvq (PID: 6327)	File written: /tmp/filetdSCHD	Jump to dropped file
Source: /tmp/filetdSCHD (PID: 6330)	File written: /tmp/filew3wvPR	Jump to dropped file
Source: /tmp/filew3wvPR (PID: 6333)	File written: /tmp/filefqXeP3	Jump to dropped file
Source: /tmp/filefqXeP3 (PID: 6337)	File written: /tmp/file1QIyXl	Jump to dropped file
Source: /tmp/file1QIyXl (PID: 6340)	File written: /tmp/filekeuGUz	Jump to dropped file
Source: /tmp/filekeuGUz (PID: 6346)	File written: /tmp/file7bgEB3	Jump to dropped file
Source: /tmp/file7bgEB3 (PID: 6349)	File written: /tmp/filehWYmhj	Jump to dropped file
Source: /tmp/filehWYmhj (PID: 6352)	File written: /tmp/fileySilhv	Jump to dropped file
Source: /tmp/fileySilhv (PID: 6358)	File written: /tmp/file4DiwZW	Jump to dropped file
Source: /tmp/file4DiwZW (PID: 6365)	File written: /tmp/filevo1ogs	Jump to dropped file
Source: /tmp/filevo1ogs (PID: 6368)	File written: /tmp/filetyqwKI	Jump to dropped file
Source: /tmp/filetyqwKI (PID: 6371)	File written: /tmp/filekXlXRW	Jump to dropped file
Source: /tmp/filekXlXRW (PID: 6377)	File written: /tmp/filerPV3jn	Jump to dropped file
Source: /tmp/filerPV3jn (PID: 6383)	File written: /tmp/file4pVPyP	Jump to dropped file
Source: /tmp/file4pVPyP (PID: 6386)	File written: /tmp/fileRu8dY5	Jump to dropped file
Source: /tmp/fileRu8dY5 (PID: 6389)	File written: /tmp/fileKUwFri	Jump to dropped file
Source: /tmp/fileKUwFri (PID: 6392)	File written: /tmp/filePDxcMy	Jump to dropped file
Source: /tmp/filePDxcMy (PID: 6396)	File written: /tmp/files64ECN	Jump to dropped file
Source: /tmp/files64ECN (PID: 6399)	File written: /tmp/fileQ5shb2	Jump to dropped file
Source: /tmp/fileQ5shb2 (PID: 6404)	File written: /tmp/filedkRXxs	Jump to dropped file
Source: /tmp/filedkRXxs (PID: 6407)	File written: /tmp/fileHJhEpH	Jump to dropped file
Source: /tmp/fileHJhEpH (PID: 6412)	File written: /tmp/filevVeDI2	Jump to dropped file
Source: /tmp/filevVeDI2 (PID: 6415)	File written: /tmp/file2HKM1f	Jump to dropped file

Hooking and other Techniques for Hiding and Protection

Sample deletes itself

Source: /tmp/fileUgTOdi (PID: 6233)	File: /tmp/fileqhp3Kw	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	File: /tmp/file470u1N	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	File: /tmp/fileWdgeA2	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	File: /tmp/filejDXaDH	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	File: /tmp/fileTma2ET	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	File: /tmp/filetHDYbl	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	File: /tmp/filedS2MQv	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	File: /tmp/fileeNG5DQ	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	File: /tmp/fileCF2Hnc	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	File: /tmp/file9A4GLp	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	File: /tmp/file60cv7E	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	File: /tmp/file6kWgpU	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	File: /tmp/fileXxh8wk	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	File: /tmp/files00aOy	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	File: /tmp/fileBFgRHP	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	File: /tmp/fileLy1jU3	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	File: /tmp/file8oGpqk	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	File: /tmp/file2jhEeE	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	File: /tmp/file6zcNMS	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	File: /tmp/filePBDfvq	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	File: /tmp/filetdSCHD	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	File: /tmp/filew3wvPR	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	File: /tmp/filefqXeP3	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	File: /tmp/file1QIyXl	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	File: /tmp/filekeuGUz	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	File: /tmp/file7bgEB3	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	File: /tmp/filehWYmhj	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	File: /tmp/fileySilhv	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	File: /tmp/file4DiwZW	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	File: /tmp/filevo1ogs	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	File: /tmp/filetyqwKI	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	File: /tmp/filekXlXRW	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	File: /tmp/filerPV3jn	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	File: /tmp/file4pVPyP	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	File: /tmp/fileRu8dY5	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	File: /tmp/fileKUwFri	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	File: /tmp/filePDxcMy	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	File: /tmp/files64ECN	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	File: /tmp/fileQ5shb2	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	File: /tmp/filedkRXxs	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	File: /tmp/fileHJhEpH	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	File: /tmp/filevVeDI2	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	File: /tmp/file2HKM1f	Jump to behavior

Source: filevVeDI2, 6415.1.0000560144b97000.0000560144bb8000.rw-.sdmp	Binary or memory string: vmware-root_721-4290559889?G
Source: file470u1N, 6240.1.00005559e2353000.00005559e2374000.rw-.sdmp	Binary or memory string: vmware-root_721-42905`
Source: filevVeDI2, 6415.1.0000560144b97000.0000560144bb8000.rw-.sdmp	Binary or memory string: vmware-root_721-4290559889

Stealing of Sensitive Information

Yara detected Gafgyt

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

Yara detected Mirai

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6412.1.00007f653ad08000.00007f653b32f000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6288.1.00007ff79b3ad000.00007ff79b597000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6365.1.00007fa4fb157000.00007fa4fb5da000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6377.1.00007f684fe04000.00007f68502f0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6415.1.00007f576945a000.00007f57698ba000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6407.1.00007f35cf239000.00007f35cf83d000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6396.1.00007fb5f7070000.00007fb5f760b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6314.1.00007fe48a96b000.00007fe48ac4a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6383.1.00007f5c77b74000.00007f5c78083000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6330.1.00007f7e6315b000.00007f7e634c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6291.1.00007f57cbd96000.00007f57cbfa3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6324.1.00007ff9c7f0e000.00007ff9c8233000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6404.1.00007fb333ca6000.00007fb334287000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6389.1.00007f9759644000.00007f9759b99000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6358.1.00007f73c8fd8000.00007f73c9438000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6333.1.00007feca0afc000.00007feca0e8a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6230, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6377, type: MEMORYSTR
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

Sample contains strings that are user agent strings indicative of HTTP manipulation

Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; pl) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; en) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; ja) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; de) Opera 11.01
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; fr) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
Source: Initial sample	User agent string found: Mozilla/5.0 (iPhone; CPU iPhone OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12H143 Safari/600.1.4
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/601.1.56
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Source: Initial sample	User agent string found: Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51
Source: Initial sample	User agent string found: Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Linux; Android 4.4.3; HTC_0PCV2 Build/KTU84L) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; X11; Linux x86_64; pl) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Firefox/24.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10; rv:33.0) Gecko/20100101 Firefox/33.0

Remote Access Functionality

Yara detected Gafgyt

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

Yara detected Mirai

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6412.1.00007f653ad08000.00007f653b32f000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6288.1.00007ff79b3ad000.00007ff79b597000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6365.1.00007fa4fb157000.00007fa4fb5da000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6377.1.00007f684fe04000.00007f68502f0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6415.1.00007f576945a000.00007f57698ba000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6407.1.00007f35cf239000.00007f35cf83d000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6396.1.00007fb5f7070000.00007fb5f760b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6314.1.00007fe48a96b000.00007fe48ac4a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6383.1.00007f5c77b74000.00007f5c78083000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6330.1.00007f7e6315b000.00007f7e634c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6291.1.00007f57cbd96000.00007f57cbfa3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6324.1.00007ff9c7f0e000.00007ff9c8233000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6404.1.00007fb333ca6000.00007fb334287000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6389.1.00007f9759644000.00007f9759b99000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6358.1.00007f73c8fd8000.00007f73c9438000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6333.1.00007feca0afc000.00007feca0e8a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6230, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6377, type: MEMORYSTR
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

Screenshots

No Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
109.202.202.202	unknown	Switzerland	13030	INIT7CH	false
91.189.91.43	unknown	United Kingdom	41231	CANONICAL-ASGB	false
91.189.91.42	unknown	United Kingdom	41231	CANONICAL-ASGB	false

Name	Type	MD5	SHA1	SHA256
/tmp/file1QIyXl	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file2HKM1f	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file2jhEeE	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file470u1N	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file4DiwZW	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file4pVPyP	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file60cv7E	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file6kWgpU	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file6zcNMS	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file7bgEB3	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file8oGpqk	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/file9A4GLp	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileBFgRHP	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileCF2Hnc	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileHJhEpH	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileKUwFri	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileLy1jU3	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filePBDfvq	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filePDxcMy	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileQ5shb2	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileRu8dY5	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileTma2ET	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileUgTOdi	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	A61202E78777003FDF8AFD2F2639DAE3	80EF9CA8349250B41341AD1D0C1DED214D0BE746	B48BA93AF17FFB52FCA679B0692CB976C6B1C251D2E61634745C0A8ADEDD9C6C
/tmp/fileWdgeA2	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileXxh8wk	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filedS2MQv	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filedkRXxs	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileeNG5DQ	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filefqXeP3	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filehWYmhj	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filejDXaDH	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filekXlXRW	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filekeuGUz	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileqhp3Kw	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filerPV3jn	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/files00aOy	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/files64ECN	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filetHDYbl	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filetdSCHD	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filetyqwKI	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filevVeDI2	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filevo1ogs	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/filew3wvPR	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C
/tmp/fileySilhv	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped	9E20CF9151FE86497B66B09B5265D81D	44D3847253CD5D63CFCA5A80845AAB1AFE530ED0	C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C

AV Detection

Antivirus / Scanner detection for submitted sample

Source: x86.elf

Avira: detected

Antivirus detection for dropped file

Source: /tmp/filePDxcMy	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileTma2ET	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileeNG5DQ	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filePBDfvq	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file2jhEeE	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file9A4GLp	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file4pVPyP	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileHJhEpH	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileLy1jU3	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file1QIyXl	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileXxh8wk	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filejDXaDH	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileCF2Hnc	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filedkRXxs	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileQ5shb2	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileWdgeA2	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filehWYmhj	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file60cv7E	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file470u1N	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileUgTOdi	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file8oGpqk	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file4DiwZW	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileBFgRHP	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filedS2MQv	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileRu8dY5	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file6kWgpU	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file7bgEB3	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file6zcNMS	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/file2HKM1f	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/filefqXeP3	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.
Source: /tmp/fileKUwFri	Avira: detection malicious, Label: LINUX/Mirai.Gafgyt.

Machine Learning detection for dropped file

Source: /tmp/filePDxcMy	Joe Sandbox ML: detected
Source: /tmp/fileTma2ET	Joe Sandbox ML: detected
Source: /tmp/fileeNG5DQ	Joe Sandbox ML: detected
Source: /tmp/filePBDfvq	Joe Sandbox ML: detected
Source: /tmp/file2jhEeE	Joe Sandbox ML: detected
Source: /tmp/file9A4GLp	Joe Sandbox ML: detected
Source: /tmp/file4pVPyP	Joe Sandbox ML: detected
Source: /tmp/fileHJhEpH	Joe Sandbox ML: detected
Source: /tmp/fileLy1jU3	Joe Sandbox ML: detected
Source: /tmp/file1QIyXl	Joe Sandbox ML: detected
Source: /tmp/fileXxh8wk	Joe Sandbox ML: detected
Source: /tmp/filejDXaDH	Joe Sandbox ML: detected
Source: /tmp/fileCF2Hnc	Joe Sandbox ML: detected
Source: /tmp/filedkRXxs	Joe Sandbox ML: detected
Source: /tmp/fileQ5shb2	Joe Sandbox ML: detected
Source: /tmp/fileWdgeA2	Joe Sandbox ML: detected
Source: /tmp/filehWYmhj	Joe Sandbox ML: detected
Source: /tmp/file60cv7E	Joe Sandbox ML: detected
Source: /tmp/file470u1N	Joe Sandbox ML: detected
Source: /tmp/fileUgTOdi	Joe Sandbox ML: detected
Source: /tmp/file8oGpqk	Joe Sandbox ML: detected
Source: /tmp/file4DiwZW	Joe Sandbox ML: detected
Source: /tmp/fileBFgRHP	Joe Sandbox ML: detected
Source: /tmp/filedS2MQv	Joe Sandbox ML: detected
Source: /tmp/fileRu8dY5	Joe Sandbox ML: detected
Source: /tmp/file6kWgpU	Joe Sandbox ML: detected
Source: /tmp/file7bgEB3	Joe Sandbox ML: detected
Source: /tmp/file6zcNMS	Joe Sandbox ML: detected
Source: /tmp/file2HKM1f	Joe Sandbox ML: detected
Source: /tmp/filefqXeP3	Joe Sandbox ML: detected
Source: /tmp/fileKUwFri	Joe Sandbox ML: detected

Machine Learning detection for sample

Source: x86.elf

Joe Sandbox ML: detected

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80

Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknown	TCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknown	TCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42

Source: x86.elf, 6230.1.0000556cd67fb000.0000556cd681c000.rw-.sdmp	String found in binary or memory: http://cf0.pw/0/etc/cron.hourly/0
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://gnu.org/licenses/gpl.html
Source: filevVeDI2, 6415.1.00007f576945a000.00007f57698ba000.rw-.sdmp	String found in binary or memory: https://translationproject.org/team/
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://wiki.xiph.org/MIME_Types_and_File_Extensions
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://wiki.xiph.org/MIME_Types_and_File_Extensions.oga
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://wiki.xiph.org/MIME_Types_and_File_Extensions.ogv
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://www.gnu.org/gethelp/
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://www.gnu.org/software/coreutils/
Source: x86.elf, 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, x86.elf, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, fileUgTOdi, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, fileqhp3Kw, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, file470u1N, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, fileWdgeA2, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, filejDXaDH, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, fileTma2ET, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, filetHDYbl, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, filedS2MQv, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, fileeNG5DQ, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, fileCF2Hnc, 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp	String found in binary or memory: https://www.gnu.org/software/coreutils/Report

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

System Summary

Malicious sample detected (through community Yara rule)

Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6419.1.0000556fbebbc000.0000556fbebbe000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6277.1.000055da7060e000.000055da70610000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6368.1.0000558428308000.000055842830a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6317.1.0000561e91288000.0000561e9128a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6415.1.0000560143463000.0000560143465000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6288.1.0000558e7f7da000.0000558e7f7dc000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6262.1.000055c0fe099000.000055c0fe09b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6306.1.00005617e37af000.00005617e37b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6337.1.000055ca8b809000.000055ca8b80b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6230.1.0000556cd59ac000.0000556cd59ae000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6396.1.0000557273e6b000.0000557273e6d000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6404.1.000055639aa42000.000055639aa44000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6386.1.000056235a178000.000056235a17a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6392.1.000055f3be940000.000055f3be942000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6270.1.000055d9c8060000.000055d9c8062000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6327.1.0000563f15904000.0000563f15906000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6297.1.000055570746e000.0000555707470000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6371.1.0000556bbe82d000.0000556bbe82f000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6349.1.00005630d6322000.00005630d6324000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6365.1.0000562595039000.000056259503b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6389.1.000055dc0596a000.000055dc0596c000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6285.1.0000561a550af000.0000561a550b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6383.1.00005573f729f000.00005573f72a1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6324.1.00005559cf511000.00005559cf513000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6399.1.0000563a7b132000.0000563a7b134000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6310.1.000055a2c85d1000.000055a2c85d3000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6237.1.000055db7e886000.000055db7e888000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6303.1.000055cd95c9e000.000055cd95ca0000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6300.1.00005607b8fff000.00005607b9001000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6412.1.000055b34e687000.000055b34e689000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6233.1.00005603c68cb000.00005603c68cd000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6240.1.00005559e0ac3000.00005559e0ac5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6273.1.000055e90fdc0000.000055e90fdc2000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6282.1.000055c16c96c000.000055c16c96e000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6265.1.0000561fe41d6000.0000561fe41d8000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6291.1.00005610c7e55000.00005610c7e57000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6358.1.000055c9482e4000.000055c9482e6000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6352.1.000055a146b96000.000055a146b98000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6407.1.000055aed0413000.000055aed0415000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6330.1.000055ecb61e3000.000055ecb61e5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6377.1.00005600cf679000.00005600cf67b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6340.1.0000560704d06000.0000560704d08000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6346.1.000055c7733f9000.000055c7733fb000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6333.1.000055b8da3d7000.000055b8da3d9000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6314.1.000055e72b056000.000055e72b058000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown

Contains symbols with names commonly found in malware

Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack
Source: ELF static info symbol of initial sample	Name: vseattack

Yara signature match

Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6419.1.0000556fbebbc000.0000556fbebbe000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6277.1.000055da7060e000.000055da70610000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6368.1.0000558428308000.000055842830a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6317.1.0000561e91288000.0000561e9128a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6415.1.0000560143463000.0000560143465000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6288.1.0000558e7f7da000.0000558e7f7dc000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6262.1.000055c0fe099000.000055c0fe09b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6306.1.00005617e37af000.00005617e37b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6337.1.000055ca8b809000.000055ca8b80b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6230.1.0000556cd59ac000.0000556cd59ae000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6396.1.0000557273e6b000.0000557273e6d000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6404.1.000055639aa42000.000055639aa44000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6386.1.000056235a178000.000056235a17a000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6392.1.000055f3be940000.000055f3be942000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6270.1.000055d9c8060000.000055d9c8062000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6327.1.0000563f15904000.0000563f15906000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6297.1.000055570746e000.0000555707470000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6371.1.0000556bbe82d000.0000556bbe82f000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6349.1.00005630d6322000.00005630d6324000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6365.1.0000562595039000.000056259503b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6389.1.000055dc0596a000.000055dc0596c000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6285.1.0000561a550af000.0000561a550b1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6383.1.00005573f729f000.00005573f72a1000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6324.1.00005559cf511000.00005559cf513000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6399.1.0000563a7b132000.0000563a7b134000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6310.1.000055a2c85d1000.000055a2c85d3000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6237.1.000055db7e886000.000055db7e888000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6303.1.000055cd95c9e000.000055cd95ca0000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6300.1.00005607b8fff000.00005607b9001000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6412.1.000055b34e687000.000055b34e689000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6233.1.00005603c68cb000.00005603c68cd000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6240.1.00005559e0ac3000.00005559e0ac5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6273.1.000055e90fdc0000.000055e90fdc2000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6282.1.000055c16c96c000.000055c16c96e000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6265.1.0000561fe41d6000.0000561fe41d8000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6291.1.00005610c7e55000.00005610c7e57000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6358.1.000055c9482e4000.000055c9482e6000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6352.1.000055a146b96000.000055a146b98000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6407.1.000055aed0413000.000055aed0415000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6330.1.000055ecb61e3000.000055ecb61e5000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6377.1.00005600cf679000.00005600cf67b000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6340.1.0000560704d06000.0000560704d08000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6346.1.000055c7733f9000.000055c7733fb000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6333.1.000055b8da3d7000.000055b8da3d9000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6314.1.000055e72b056000.000055e72b058000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_859042a0 reference_sample = 41615d3f3f27f04669166fdee3996d77890016304ee87851a5f90804d6d4a0b0, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a27bcaa16edceda3dc5a80803372c907a7efd00736c7859c5a9d6a2cf56a8eec, id = 859042a0-a424-4c83-944b-ed182b342998, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Ladvix_db41f9d2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ladvix, fingerprint = d0aaa680e81f44cc555bf7799d33fce66f172563788afb2ad0fb16d3e460e8c6, id = db41f9d2-aa5c-4d26-b8ba-cece44eddca8, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16

Source: classification engine

Classification label: mal100.troj.evad.linELF@0/44@0/0

Persistence and Installation Behavior

Sample tries to persist itself using cron

Source: /tmp/x86.elf (PID: 6230)

File: /etc/cron.hourly/0

Jump to behavior

Sample tries to set files in /etc globally writable

Source: /tmp/x86.elf (PID: 6230)

File: /etc/cron.hourly/0 (bits: uv usr: rwx grp: rwx all: rwx)

Jump to behavior

Writes identical ELF files to multiple locations

Source: /tmp/fileLy1jU3 (PID: 6310)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file8oGpqk	Jump to dropped file
Source: /tmp/filew3wvPR (PID: 6333)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filefqXeP3	Jump to dropped file
Source: /tmp/file6kWgpU (PID: 6297)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileXxh8wk	Jump to dropped file
Source: /tmp/filekeuGUz (PID: 6346)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file7bgEB3	Jump to dropped file
Source: /tmp/files64ECN (PID: 6399)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileQ5shb2	Jump to dropped file
Source: /tmp/fileySilhv (PID: 6358)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file4DiwZW	Jump to dropped file
Source: /tmp/fileBFgRHP (PID: 6306)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileLy1jU3	Jump to dropped file
Source: /tmp/file4pVPyP (PID: 6386)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileRu8dY5	Jump to dropped file
Source: /tmp/file6zcNMS (PID: 6324)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filePBDfvq	Jump to dropped file
Source: /tmp/filetHDYbl (PID: 6273)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filedS2MQv	Jump to dropped file
Source: /tmp/file60cv7E (PID: 6291)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file6kWgpU	Jump to dropped file
Source: /tmp/fileXxh8wk (PID: 6300)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/files00aOy	Jump to dropped file
Source: /tmp/file7bgEB3 (PID: 6349)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filehWYmhj	Jump to dropped file
Source: /tmp/filedkRXxs (PID: 6407)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileHJhEpH	Jump to dropped file
Source: /tmp/file9A4GLp (PID: 6288)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file60cv7E	Jump to dropped file
Source: /tmp/filePBDfvq (PID: 6327)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filetdSCHD	Jump to dropped file
Source: /tmp/file4DiwZW (PID: 6365)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filevo1ogs	Jump to dropped file
Source: /tmp/files00aOy (PID: 6303)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileBFgRHP	Jump to dropped file
Source: /tmp/fileCF2Hnc (PID: 6285)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file9A4GLp	Jump to dropped file
Source: /tmp/fileqhp3Kw (PID: 6237)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file470u1N	Jump to dropped file
Source: /tmp/file2jhEeE (PID: 6317)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file6zcNMS	Jump to dropped file
Source: /tmp/filefqXeP3 (PID: 6337)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file1QIyXl	Jump to dropped file
Source: /tmp/filehWYmhj (PID: 6352)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileySilhv	Jump to dropped file
Source: /tmp/fileRu8dY5 (PID: 6389)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileKUwFri	Jump to dropped file
Source: /tmp/filekXlXRW (PID: 6377)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filerPV3jn	Jump to dropped file
Source: /tmp/filetdSCHD (PID: 6330)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filew3wvPR	Jump to dropped file
Source: /tmp/fileeNG5DQ (PID: 6282)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileCF2Hnc	Jump to dropped file
Source: /tmp/fileKUwFri (PID: 6392)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filePDxcMy	Jump to dropped file
Source: /tmp/file470u1N (PID: 6240)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileWdgeA2	Jump to dropped file
Source: /tmp/filevVeDI2 (PID: 6415)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file2HKM1f	Jump to dropped file
Source: /tmp/filevo1ogs (PID: 6368)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filetyqwKI	Jump to dropped file
Source: /tmp/fileTma2ET (PID: 6270)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filetHDYbl	Jump to dropped file
Source: /tmp/filerPV3jn (PID: 6383)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file4pVPyP	Jump to dropped file
Source: /tmp/filejDXaDH (PID: 6265)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileTma2ET	Jump to dropped file
Source: /tmp/file8oGpqk (PID: 6314)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/file2jhEeE	Jump to dropped file
Source: /tmp/filetyqwKI (PID: 6371)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filekXlXRW	Jump to dropped file
Source: /tmp/filedS2MQv (PID: 6277)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileeNG5DQ	Jump to dropped file
Source: /tmp/fileWdgeA2 (PID: 6262)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filejDXaDH	Jump to dropped file
Source: /tmp/fileQ5shb2 (PID: 6404)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filedkRXxs	Jump to dropped file
Source: /tmp/fileUgTOdi (PID: 6233)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/fileqhp3Kw	Jump to dropped file
Source: /tmp/filePDxcMy (PID: 6396)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/files64ECN	Jump to dropped file
Source: /tmp/fileHJhEpH (PID: 6412)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filevVeDI2	Jump to dropped file
Source: /tmp/file1QIyXl (PID: 6340)	File with SHA-256 C9A2E1A456BD35F8E32B25166848EEC6EF9A563C1AF873CFB634F6ACD5E5E83C written: /tmp/filekeuGUz	Jump to dropped file

Creates hidden files and/or directories

Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/..	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileUgTOdi (PID: 6233)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/..	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/..	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/..	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/..	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.X11-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.Test-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.font-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.ICE-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/..	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.XIM-unix	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	Directory: /tmp/.xfsm-ICE-S33I80	Jump to behavior

Sample tries to set the executable flag

Source: /tmp/x86.elf (PID: 6230)	File: /etc/cron.hourly/0 (bits: uv usr: rwx grp: rwx all: rwx)			Jump to behavior
Source: /tmp/x86.elf (PID: 6230)	File: <invalid fd (-1)> (bits: uv usr: rwx grp: rwx all: rwx)			Jump to behavior

Writes ELF files to disk

Source: /tmp/x86.elf (PID: 6230)	File written: /tmp/fileUgTOdi	Jump to dropped file
Source: /tmp/fileUgTOdi (PID: 6233)	File written: /tmp/fileqhp3Kw	Jump to dropped file
Source: /tmp/fileqhp3Kw (PID: 6237)	File written: /tmp/file470u1N	Jump to dropped file
Source: /tmp/file470u1N (PID: 6240)	File written: /tmp/fileWdgeA2	Jump to dropped file
Source: /tmp/fileWdgeA2 (PID: 6262)	File written: /tmp/filejDXaDH	Jump to dropped file
Source: /tmp/filejDXaDH (PID: 6265)	File written: /tmp/fileTma2ET	Jump to dropped file
Source: /tmp/fileTma2ET (PID: 6270)	File written: /tmp/filetHDYbl	Jump to dropped file
Source: /tmp/filetHDYbl (PID: 6273)	File written: /tmp/filedS2MQv	Jump to dropped file
Source: /tmp/filedS2MQv (PID: 6277)	File written: /tmp/fileeNG5DQ	Jump to dropped file
Source: /tmp/fileeNG5DQ (PID: 6282)	File written: /tmp/fileCF2Hnc	Jump to dropped file
Source: /tmp/fileCF2Hnc (PID: 6285)	File written: /tmp/file9A4GLp	Jump to dropped file
Source: /tmp/file9A4GLp (PID: 6288)	File written: /tmp/file60cv7E	Jump to dropped file
Source: /tmp/file60cv7E (PID: 6291)	File written: /tmp/file6kWgpU	Jump to dropped file
Source: /tmp/file6kWgpU (PID: 6297)	File written: /tmp/fileXxh8wk	Jump to dropped file
Source: /tmp/fileXxh8wk (PID: 6300)	File written: /tmp/files00aOy	Jump to dropped file
Source: /tmp/files00aOy (PID: 6303)	File written: /tmp/fileBFgRHP	Jump to dropped file
Source: /tmp/fileBFgRHP (PID: 6306)	File written: /tmp/fileLy1jU3	Jump to dropped file
Source: /tmp/fileLy1jU3 (PID: 6310)	File written: /tmp/file8oGpqk	Jump to dropped file
Source: /tmp/file8oGpqk (PID: 6314)	File written: /tmp/file2jhEeE	Jump to dropped file
Source: /tmp/file2jhEeE (PID: 6317)	File written: /tmp/file6zcNMS	Jump to dropped file
Source: /tmp/file6zcNMS (PID: 6324)	File written: /tmp/filePBDfvq	Jump to dropped file
Source: /tmp/filePBDfvq (PID: 6327)	File written: /tmp/filetdSCHD	Jump to dropped file
Source: /tmp/filetdSCHD (PID: 6330)	File written: /tmp/filew3wvPR	Jump to dropped file
Source: /tmp/filew3wvPR (PID: 6333)	File written: /tmp/filefqXeP3	Jump to dropped file
Source: /tmp/filefqXeP3 (PID: 6337)	File written: /tmp/file1QIyXl	Jump to dropped file
Source: /tmp/file1QIyXl (PID: 6340)	File written: /tmp/filekeuGUz	Jump to dropped file
Source: /tmp/filekeuGUz (PID: 6346)	File written: /tmp/file7bgEB3	Jump to dropped file
Source: /tmp/file7bgEB3 (PID: 6349)	File written: /tmp/filehWYmhj	Jump to dropped file
Source: /tmp/filehWYmhj (PID: 6352)	File written: /tmp/fileySilhv	Jump to dropped file
Source: /tmp/fileySilhv (PID: 6358)	File written: /tmp/file4DiwZW	Jump to dropped file
Source: /tmp/file4DiwZW (PID: 6365)	File written: /tmp/filevo1ogs	Jump to dropped file
Source: /tmp/filevo1ogs (PID: 6368)	File written: /tmp/filetyqwKI	Jump to dropped file
Source: /tmp/filetyqwKI (PID: 6371)	File written: /tmp/filekXlXRW	Jump to dropped file
Source: /tmp/filekXlXRW (PID: 6377)	File written: /tmp/filerPV3jn	Jump to dropped file
Source: /tmp/filerPV3jn (PID: 6383)	File written: /tmp/file4pVPyP	Jump to dropped file
Source: /tmp/file4pVPyP (PID: 6386)	File written: /tmp/fileRu8dY5	Jump to dropped file
Source: /tmp/fileRu8dY5 (PID: 6389)	File written: /tmp/fileKUwFri	Jump to dropped file
Source: /tmp/fileKUwFri (PID: 6392)	File written: /tmp/filePDxcMy	Jump to dropped file
Source: /tmp/filePDxcMy (PID: 6396)	File written: /tmp/files64ECN	Jump to dropped file
Source: /tmp/files64ECN (PID: 6399)	File written: /tmp/fileQ5shb2	Jump to dropped file
Source: /tmp/fileQ5shb2 (PID: 6404)	File written: /tmp/filedkRXxs	Jump to dropped file
Source: /tmp/filedkRXxs (PID: 6407)	File written: /tmp/fileHJhEpH	Jump to dropped file
Source: /tmp/fileHJhEpH (PID: 6412)	File written: /tmp/filevVeDI2	Jump to dropped file
Source: /tmp/filevVeDI2 (PID: 6415)	File written: /tmp/file2HKM1f	Jump to dropped file

Hooking and other Techniques for Hiding and Protection

Sample deletes itself

Source: /tmp/fileUgTOdi (PID: 6233)	File: /tmp/fileqhp3Kw	Jump to behavior
Source: /tmp/fileqhp3Kw (PID: 6237)	File: /tmp/file470u1N	Jump to behavior
Source: /tmp/file470u1N (PID: 6240)	File: /tmp/fileWdgeA2	Jump to behavior
Source: /tmp/fileWdgeA2 (PID: 6262)	File: /tmp/filejDXaDH	Jump to behavior
Source: /tmp/filejDXaDH (PID: 6265)	File: /tmp/fileTma2ET	Jump to behavior
Source: /tmp/fileTma2ET (PID: 6270)	File: /tmp/filetHDYbl	Jump to behavior
Source: /tmp/filetHDYbl (PID: 6273)	File: /tmp/filedS2MQv	Jump to behavior
Source: /tmp/filedS2MQv (PID: 6277)	File: /tmp/fileeNG5DQ	Jump to behavior
Source: /tmp/fileeNG5DQ (PID: 6282)	File: /tmp/fileCF2Hnc	Jump to behavior
Source: /tmp/fileCF2Hnc (PID: 6285)	File: /tmp/file9A4GLp	Jump to behavior
Source: /tmp/file9A4GLp (PID: 6288)	File: /tmp/file60cv7E	Jump to behavior
Source: /tmp/file60cv7E (PID: 6291)	File: /tmp/file6kWgpU	Jump to behavior
Source: /tmp/file6kWgpU (PID: 6297)	File: /tmp/fileXxh8wk	Jump to behavior
Source: /tmp/fileXxh8wk (PID: 6300)	File: /tmp/files00aOy	Jump to behavior
Source: /tmp/files00aOy (PID: 6303)	File: /tmp/fileBFgRHP	Jump to behavior
Source: /tmp/fileBFgRHP (PID: 6306)	File: /tmp/fileLy1jU3	Jump to behavior
Source: /tmp/fileLy1jU3 (PID: 6310)	File: /tmp/file8oGpqk	Jump to behavior
Source: /tmp/file8oGpqk (PID: 6314)	File: /tmp/file2jhEeE	Jump to behavior
Source: /tmp/file2jhEeE (PID: 6317)	File: /tmp/file6zcNMS	Jump to behavior
Source: /tmp/file6zcNMS (PID: 6324)	File: /tmp/filePBDfvq	Jump to behavior
Source: /tmp/filePBDfvq (PID: 6327)	File: /tmp/filetdSCHD	Jump to behavior
Source: /tmp/filetdSCHD (PID: 6330)	File: /tmp/filew3wvPR	Jump to behavior
Source: /tmp/filew3wvPR (PID: 6333)	File: /tmp/filefqXeP3	Jump to behavior
Source: /tmp/filefqXeP3 (PID: 6337)	File: /tmp/file1QIyXl	Jump to behavior
Source: /tmp/file1QIyXl (PID: 6340)	File: /tmp/filekeuGUz	Jump to behavior
Source: /tmp/filekeuGUz (PID: 6346)	File: /tmp/file7bgEB3	Jump to behavior
Source: /tmp/file7bgEB3 (PID: 6349)	File: /tmp/filehWYmhj	Jump to behavior
Source: /tmp/filehWYmhj (PID: 6352)	File: /tmp/fileySilhv	Jump to behavior
Source: /tmp/fileySilhv (PID: 6358)	File: /tmp/file4DiwZW	Jump to behavior
Source: /tmp/file4DiwZW (PID: 6365)	File: /tmp/filevo1ogs	Jump to behavior
Source: /tmp/filevo1ogs (PID: 6368)	File: /tmp/filetyqwKI	Jump to behavior
Source: /tmp/filetyqwKI (PID: 6371)	File: /tmp/filekXlXRW	Jump to behavior
Source: /tmp/filekXlXRW (PID: 6377)	File: /tmp/filerPV3jn	Jump to behavior
Source: /tmp/filerPV3jn (PID: 6383)	File: /tmp/file4pVPyP	Jump to behavior
Source: /tmp/file4pVPyP (PID: 6386)	File: /tmp/fileRu8dY5	Jump to behavior
Source: /tmp/fileRu8dY5 (PID: 6389)	File: /tmp/fileKUwFri	Jump to behavior
Source: /tmp/fileKUwFri (PID: 6392)	File: /tmp/filePDxcMy	Jump to behavior
Source: /tmp/filePDxcMy (PID: 6396)	File: /tmp/files64ECN	Jump to behavior
Source: /tmp/files64ECN (PID: 6399)	File: /tmp/fileQ5shb2	Jump to behavior
Source: /tmp/fileQ5shb2 (PID: 6404)	File: /tmp/filedkRXxs	Jump to behavior
Source: /tmp/filedkRXxs (PID: 6407)	File: /tmp/fileHJhEpH	Jump to behavior
Source: /tmp/fileHJhEpH (PID: 6412)	File: /tmp/filevVeDI2	Jump to behavior
Source: /tmp/filevVeDI2 (PID: 6415)	File: /tmp/file2HKM1f	Jump to behavior

Source: filevVeDI2, 6415.1.0000560144b97000.0000560144bb8000.rw-.sdmp	Binary or memory string: vmware-root_721-4290559889?G
Source: file470u1N, 6240.1.00005559e2353000.00005559e2374000.rw-.sdmp	Binary or memory string: vmware-root_721-42905`
Source: filevVeDI2, 6415.1.0000560144b97000.0000560144bb8000.rw-.sdmp	Binary or memory string: vmware-root_721-4290559889

Stealing of Sensitive Information

Yara detected Gafgyt

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

Yara detected Mirai

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6412.1.00007f653ad08000.00007f653b32f000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6288.1.00007ff79b3ad000.00007ff79b597000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6365.1.00007fa4fb157000.00007fa4fb5da000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6377.1.00007f684fe04000.00007f68502f0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6415.1.00007f576945a000.00007f57698ba000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6407.1.00007f35cf239000.00007f35cf83d000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6396.1.00007fb5f7070000.00007fb5f760b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6314.1.00007fe48a96b000.00007fe48ac4a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6383.1.00007f5c77b74000.00007f5c78083000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6330.1.00007f7e6315b000.00007f7e634c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6291.1.00007f57cbd96000.00007f57cbfa3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6324.1.00007ff9c7f0e000.00007ff9c8233000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6404.1.00007fb333ca6000.00007fb334287000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6389.1.00007f9759644000.00007f9759b99000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6358.1.00007f73c8fd8000.00007f73c9438000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6333.1.00007feca0afc000.00007feca0e8a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6230, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6377, type: MEMORYSTR
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

Sample contains strings that are user agent strings indicative of HTTP manipulation

Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; pl) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; en) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; ja) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; de) Opera 11.01
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; fr) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
Source: Initial sample	User agent string found: Mozilla/5.0 (iPhone; CPU iPhone OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12H143 Safari/600.1.4
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/601.1.56
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Source: Initial sample	User agent string found: Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51
Source: Initial sample	User agent string found: Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36
Source: Initial sample	User agent string found: Mozilla/5.0 (Linux; Android 4.4.3; HTC_0PCV2 Build/KTU84L) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36
Source: Initial sample	User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; X11; Linux x86_64; pl) Opera 11.00
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Firefox/24.0
Source: Initial sample	User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10; rv:33.0) Gecko/20100101 Firefox/33.0

Remote Access Functionality

Yara detected Gafgyt

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

Yara detected Mirai

Source: Yara match	File source: x86.elf, type: SAMPLE
Source: Yara match	File source: 6240.1.00007f58766ee000.00007f58767c0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6230.1.00007fb8c435f000.00007fb8c43c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6273.1.00007fcf5f96c000.00007fcf5faca000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6262.1.00007ff1865bb000.00007ff1866b0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6233.1.00007fb18d6cc000.00007fb18d758000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6285.1.00007fae576a9000.00007fae57870000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6270.1.00007fc88d199000.00007fc88d2d4000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6237.1.00007f880e9d3000.00007f880ea82000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6306.1.00007f0d4623f000.00007f0d464d8000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6282.1.00007f3c7a651000.00007f3c7a7f5000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6297.1.00007fc3bdca9000.00007fc3bded9000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6337.1.00007feb4bb93000.00007feb4bf44000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6327.1.00007f5f03fd2000.00007f5f0431a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6352.1.00007f58cdeee000.00007f58ce32b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6310.1.00007fae2ec1e000.00007fae2eeda000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6412.1.00007f653ad08000.00007f653b32f000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6265.1.00007f411505e000.00007f4115176000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6300.1.00007f5df74eb000.00007f5df773e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6349.1.00007fdbb93b9000.00007fdbb97d3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6340.1.00007f4593eeb000.00007f45942bf000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6303.1.00007fd979b66000.00007fd979ddc000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6317.1.00007f0f5646f000.00007f0f56771000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6368.1.00007f5673378000.00007f567381e000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6371.1.00007ff0f148b000.00007ff0f1954000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6346.1.00007fe680b6c000.00007fe680f63000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6392.1.00007f4b3b2ec000.00007f4b3b864000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6399.1.00007fc9273f4000.00007fc9279b2000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6288.1.00007ff79b3ad000.00007ff79b597000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6386.1.00007f939a97c000.00007f939aeae000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6365.1.00007fa4fb157000.00007fa4fb5da000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6277.1.00007f0b76bea000.00007f0b76d6b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6377.1.00007f684fe04000.00007f68502f0000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6415.1.00007f576945a000.00007f57698ba000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6407.1.00007f35cf239000.00007f35cf83d000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6396.1.00007fb5f7070000.00007fb5f760b000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6314.1.00007fe48a96b000.00007fe48ac4a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6383.1.00007f5c77b74000.00007f5c78083000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6330.1.00007f7e6315b000.00007f7e634c6000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6291.1.00007f57cbd96000.00007f57cbfa3000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6324.1.00007ff9c7f0e000.00007ff9c8233000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6404.1.00007fb333ca6000.00007fb334287000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6389.1.00007f9759644000.00007f9759b99000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6358.1.00007f73c8fd8000.00007f73c9438000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: 6333.1.00007feca0afc000.00007feca0e8a000.rw-.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6230, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6233, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileUgTOdi PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6237, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileqhp3Kw PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6240, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file470u1N PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6262, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileWdgeA2 PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6265, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filejDXaDH PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6270, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileTma2ET PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6273, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetHDYbl PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6277, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filedS2MQv PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6282, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileeNG5DQ PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6285, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileCF2Hnc PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6288, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file9A4GLp PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6291, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file60cv7E PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6297, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6kWgpU PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6300, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileXxh8wk PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6303, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: files00aOy PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6306, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileBFgRHP PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6310, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileLy1jU3 PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6314, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file8oGpqk PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6317, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file2jhEeE PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6324, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file6zcNMS PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6327, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filePBDfvq PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6330, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetdSCHD PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6333, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filew3wvPR PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6337, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filefqXeP3 PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file1QIyXl PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6346, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filekeuGUz PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6349, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file7bgEB3 PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filehWYmhj PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6358, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: fileySilhv PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6365, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: file4DiwZW PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filevo1ogs PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6371, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: filetyqwKI PID: 6377, type: MEMORYSTR
Source: Yara match	File source: /tmp/fileySilhv, type: DROPPED
Source: Yara match	File source: /tmp/filedkRXxs, type: DROPPED
Source: Yara match	File source: /tmp/filevVeDI2, type: DROPPED
Source: Yara match	File source: /tmp/fileBFgRHP, type: DROPPED
Source: Yara match	File source: /tmp/filekXlXRW, type: DROPPED
Source: Yara match	File source: /tmp/filehWYmhj, type: DROPPED
Source: Yara match	File source: /tmp/filePDxcMy, type: DROPPED
Source: Yara match	File source: /tmp/fileWdgeA2, type: DROPPED
Source: Yara match	File source: /tmp/fileHJhEpH, type: DROPPED
Source: Yara match	File source: /tmp/file60cv7E, type: DROPPED
Source: Yara match	File source: /tmp/fileLy1jU3, type: DROPPED
Source: Yara match	File source: /tmp/file470u1N, type: DROPPED
Source: Yara match	File source: /tmp/file2jhEeE, type: DROPPED
Source: Yara match	File source: /tmp/file4pVPyP, type: DROPPED
Source: Yara match	File source: /tmp/filekeuGUz, type: DROPPED
Source: Yara match	File source: /tmp/filePBDfvq, type: DROPPED
Source: Yara match	File source: /tmp/filerPV3jn, type: DROPPED
Source: Yara match	File source: /tmp/filedS2MQv, type: DROPPED
Source: Yara match	File source: /tmp/file8oGpqk, type: DROPPED
Source: Yara match	File source: /tmp/fileXxh8wk, type: DROPPED
Source: Yara match	File source: /tmp/filejDXaDH, type: DROPPED
Source: Yara match	File source: /tmp/files00aOy, type: DROPPED
Source: Yara match	File source: /tmp/fileqhp3Kw, type: DROPPED
Source: Yara match	File source: /tmp/filetHDYbl, type: DROPPED
Source: Yara match	File source: /tmp/fileeNG5DQ, type: DROPPED
Source: Yara match	File source: /tmp/file1QIyXl, type: DROPPED
Source: Yara match	File source: /tmp/fileQ5shb2, type: DROPPED
Source: Yara match	File source: /tmp/file4DiwZW, type: DROPPED
Source: Yara match	File source: /tmp/filetdSCHD, type: DROPPED
Source: Yara match	File source: /tmp/fileTma2ET, type: DROPPED
Source: Yara match	File source: /tmp/fileCF2Hnc, type: DROPPED
Source: Yara match	File source: /tmp/file9A4GLp, type: DROPPED
Source: Yara match	File source: /tmp/fileUgTOdi, type: DROPPED
Source: Yara match	File source: /tmp/filevo1ogs, type: DROPPED
Source: Yara match	File source: /tmp/fileRu8dY5, type: DROPPED
Source: Yara match	File source: /tmp/file6zcNMS, type: DROPPED
Source: Yara match	File source: /tmp/file6kWgpU, type: DROPPED
Source: Yara match	File source: /tmp/file7bgEB3, type: DROPPED
Source: Yara match	File source: /tmp/filew3wvPR, type: DROPPED
Source: Yara match	File source: /tmp/filefqXeP3, type: DROPPED
Source: Yara match	File source: /tmp/filetyqwKI, type: DROPPED
Source: Yara match	File source: /tmp/file2HKM1f, type: DROPPED
Source: Yara match	File source: /tmp/fileKUwFri, type: DROPPED
Source: Yara match	File source: /tmp/files64ECN, type: DROPPED

ID:	1562722
Product:	CloudBasic
Start time:	23:21:06
Start date:	25.11.2024
Sample:	x86.elf
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Architecture:	LINUX
MD5:	6c729f11f6803f98780dd8fb703fd3f4
SHA1:	c34ea885a9e186d052f47af72d4a7951afc868ab
SHA256:	d6c811a85da0937edf987d3cd032b13903ba7ea0c1796f654f7c5a2c9593d55d
Filetype:	ELF Executable and Linkable format (Linux) (4029/14) 49.77%

Linux Analysis Report
x86.elf

Overview

General Information

Detection

Signatures

Classification

Malware Threat Intel
Provided by

Signatures

AV Detection

Networking

System Summary

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Stealing of Sensitive Information

Remote Access Functionality

Screenshots

Network Map

Contacted Public IPs

Linux Analysis Report x86.elf

Overview

General Information

Detection

Signatures

Classification

Malware Threat Intel Provided by

Signatures

AV Detection

Networking

System Summary

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Stealing of Sensitive Information

Remote Access Functionality

Screenshots

Network Map

Contacted Public IPs

Linux Analysis Report
x86.elf

Malware Threat Intel
Provided by